Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
fix: encoding of XML chars in tags
Property and other items were encoded as `innerxml` instead of
`chardata`. Innerxml does not encode special XML chars.

See also: golang/go#16604

Signed-off-by: Christian Köberl <christian.koeberl@porscheinformatik.com>
  • Loading branch information
derkoe committed Apr 27, 2022
1 parent 0a1487e commit 644d3e5
Show file tree
Hide file tree
Showing 2 changed files with 18 additions and 4 deletions.
8 changes: 4 additions & 4 deletions cyclonedx.go
Expand Up @@ -49,7 +49,7 @@ type Affects struct {
}

type AttachedText struct {
Content string `json:"content" xml:",innerxml"`
Content string `json:"content" xml:",chardata"`
ContentType string `json:"contentType,omitempty" xml:"content-type,attr,omitempty"`
Encoding string `json:"encoding,omitempty" xml:"encoding,attr,omitempty"`
}
Expand Down Expand Up @@ -205,7 +205,7 @@ type Credits struct {

type DataClassification struct {
Flow DataFlow `json:"flow" xml:"flow,attr"`
Classification string `json:"classification" xml:",innerxml"`
Classification string `json:"classification" xml:",chardata"`
}

type DataFlow string
Expand Down Expand Up @@ -308,7 +308,7 @@ const (

type Hash struct {
Algorithm HashAlgorithm `json:"alg" xml:"alg,attr"`
Value string `json:"content" xml:",innerxml"`
Value string `json:"content" xml:",chardata"`
}

type HashAlgorithm string
Expand Down Expand Up @@ -517,7 +517,7 @@ type Pedigree struct {

type Property struct {
Name string `json:"name" xml:"name,attr"`
Value string `json:"value" xml:",innerxml"`
Value string `json:"value" xml:",chardata"`
}

type ReleaseNotes struct {
Expand Down
14 changes: 14 additions & 0 deletions encode_test.go
Expand Up @@ -73,6 +73,16 @@ func TestXmlBOMEncoder_SetPretty(t *testing.T) {
Name: "authorName",
},
},
Properties: &[]Property{
{
Name: "XML",
Value: "<xml>in here</xml>",
},
{
Name: "Specials",
Value: "Special chars: < & > \"",
},
},
}

require.NoError(t, encoder.Encode(bom))
Expand All @@ -85,6 +95,10 @@ func TestXmlBOMEncoder_SetPretty(t *testing.T) {
<name>authorName</name>
</author>
</authors>
<properties>
<property name="XML">&lt;xml&gt;in here&lt;/xml&gt;</property>
<property name="Specials">Special chars: &lt; &amp; &gt; &#34;</property>
</properties>
</metadata>
</bom>`, buf.String())
}

0 comments on commit 644d3e5

Please sign in to comment.